org.springframework.vault.support.SslConfiguration Java Examples

The following examples show how to use org.springframework.vault.support.SslConfiguration. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: EnvironmentVaultConfigurationUnitTests.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
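/**
 * Verifies that key-store and trust-store locations supplied through the
 * environment are resolved into classpath resources on the resulting
 * {@link SslConfiguration}.
 */
@Test
void shouldConfigureSsl() {

	// Key store and trust store deliberately point at the same classpath resource.
	Map<String, Object> map = new HashMap<>();
	map.put("vault.ssl.key-store", "classpath:certificate.json");
	map.put("vault.ssl.trust-store", "classpath:certificate.json");

	MapPropertySource propertySource = new MapPropertySource("shouldConfigureSsl", map);
	this.configurableEnvironment.getPropertySources().addFirst(propertySource);

	try {
		SslConfiguration sslConfiguration = this.configuration.sslConfiguration();

		// The expected passwords are not set in this method; presumably they come
		// from a property source configured elsewhere in the test class - confirm.
		assertThat(sslConfiguration.getKeyStore()).isInstanceOf(ClassPathResource.class);
		assertThat(sslConfiguration.getKeyStorePassword()).isEqualTo("key store password");

		assertThat(sslConfiguration.getTrustStore()).isInstanceOf(ClassPathResource.class);
		assertThat(sslConfiguration.getTrustStorePassword()).isEqualTo("trust store password");
	}
	finally {
		// Remove the source even when an assertion fails, so the SSL properties
		// do not leak into tests that share this environment.
		this.configurableEnvironment.getPropertySources().remove(propertySource.getName());
	}
}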
 
Example #2
Source File: SpringVaultClientConfiguration.java    From spring-cloud-config with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the {@link SslConfiguration} from the key-store and trust-store
 * settings of the Vault environment properties.
 * @return the SSL configuration assembled from the {@code ssl} properties.
 */
@Override
public SslConfiguration sslConfiguration() {
	// The skipSslValidation flag is only reported: this method logs a warning
	// and otherwise ignores it, building the configuration from the ssl
	// properties alone.
	if (vaultProperties.isSkipSslValidation()) {
		String notice = "The '" + VAULT_PROPERTIES_PREFIX + "skipSslValidation' property is not supported"
				+ " by this Vault environment repository implementation. Use the '"
				+ VAULT_PROPERTIES_PREFIX
				+ "ssl` properties to provide custom keyStore and trustStore material instead.";
		log.warn(notice);
	}

	VaultEnvironmentProperties.Ssl sslProperties = vaultProperties.getSsl();

	// Arguments are evaluated left to right: key material first, then trust material.
	return new SslConfiguration(
			getKeyStoreConfiguration(sslProperties.getKeyStore(), sslProperties.getKeyStorePassword()),
			getKeyStoreConfiguration(sslProperties.getTrustStore(), sslProperties.getTrustStorePassword()));
}
 
Example #3
Source File: EnvironmentVaultConfiguration.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Resolves a {@link KeyStoreConfiguration} from three property names.
 * @param resourceProperty name of the property holding the store location.
 * @param passwordProperty name of the property holding the store password.
 * @param keystoreTypeProperty name of the property holding the store type.
 * @return the unconfigured instance when no resource is resolved, otherwise a
 * configuration for that resource with the resolved store type.
 */
private KeyStoreConfiguration getKeyStoreConfiguration(String resourceProperty, String passwordProperty,
		String keystoreTypeProperty) {

	Resource store = getResource(resourceProperty);
	String password = getProperty(passwordProperty);
	// Second argument is presumably the fallback, i.e. PEM when no type is set - confirm.
	String storeType = getProperty(keystoreTypeProperty, SslConfiguration.PEM_KEYSTORE_TYPE);

	if (store != null) {
		// A blank password is treated the same as no password at all.
		return StringUtils.hasText(password)
				? KeyStoreConfiguration.of(store, password.toCharArray(), storeType)
				: KeyStoreConfiguration.of(store).withStoreType(storeType);
	}

	return KeyStoreConfiguration.unconfigured();
}
 
Example #4
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that key-store and trust-store settings on the properties object end
 * up, passwords included, in the resulting {@link SslConfiguration}.
 */
@Test
public void customSslConfiguration() {
	// The same JKS resource and fixture password serve as key store and trust store.
	VaultEnvironmentProperties vaultProps = new VaultEnvironmentProperties();
	vaultProps.getSsl().setKeyStore(new ClassPathResource("ssl-test.jks"));
	vaultProps.getSsl().setKeyStorePassword("password");
	vaultProps.getSsl().setTrustStore(new ClassPathResource("ssl-test.jks"));
	vaultProps.getSsl().setTrustStorePassword("password");

	SpringVaultClientConfiguration clientConfiguration = getConfiguration(vaultProps);
	SslConfiguration ssl = clientConfiguration.sslConfiguration();

	KeyStoreConfiguration keyStore = ssl.getKeyStoreConfiguration();
	KeyStoreConfiguration trustStore = ssl.getTrustStoreConfiguration();

	assertThat(keyStore.isPresent()).isTrue();
	// Store passwords are exposed as char[]; convert for the comparison.
	char[] keyStorePassword = keyStore.getStorePassword();
	assertThat(new String(keyStorePassword)).isEqualTo("password");

	assertThat(trustStore.isPresent()).isTrue();
	char[] trustStorePassword = trustStore.getStorePassword();
	assertThat(new String(trustStorePassword)).isEqualTo("password");
}
 
Example #5
Source File: ClientHttpConnectorFactory.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a Reactor Netty based {@link ClientHttpConnector}.
 * @param options supplies the connection timeout.
 * @param sslConfiguration key/trust material; applied only when
 * {@code hasSslConfiguration} reports it as configured.
 * @return the connector wrapping the configured {@link HttpClient}.
 */
static ClientHttpConnector usingReactorNetty(ClientOptions options, SslConfiguration sslConfiguration) {
	HttpClient httpClient = HttpClient.create();

	// Without SSL configuration no custom context is installed here; trust then
	// presumably follows the client's defaults - confirm.
	if (hasSslConfiguration(sslConfiguration)) {

		SslContextBuilder contextBuilder = SslContextBuilder.forClient();
		configureSsl(sslConfiguration, contextBuilder);

		httpClient = httpClient.secure(spec -> {
			spec.sslContext(contextBuilder);
		});
	}

	// toIntExact throws instead of silently truncating an oversized timeout.
	httpClient = httpClient.tcpConfiguration(tcp -> tcp.option(ChannelOption.CONNECT_TIMEOUT_MILLIS,
			Math.toIntExact(options.getConnectionTimeout().toMillis())));

	return new ReactorClientHttpConnector(httpClient);
}
 
Example #6
Source File: ClientHttpConnectorFactory.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Applies the trust and key material of the given {@link SslConfiguration} to
 * the builder. Each side is applied only when its store configuration is
 * present.
 * @param sslConfiguration source of trust-store and key-store settings.
 * @param sslContextBuilder builder receiving the trust and key managers.
 * @throws IllegalStateException wrapping any {@link GeneralSecurityException}
 * or {@link IOException} raised while creating the managers.
 */
private static void configureSsl(SslConfiguration sslConfiguration, SslContextBuilder sslContextBuilder) {

	try {

		boolean trustStorePresent = sslConfiguration.getTrustStoreConfiguration().isPresent();
		if (trustStorePresent) {
			sslContextBuilder
					.trustManager(createTrustManagerFactory(sslConfiguration.getTrustStoreConfiguration()));
		}

		boolean keyStorePresent = sslConfiguration.getKeyStoreConfiguration().isPresent();
		if (keyStorePresent) {
			sslContextBuilder.keyManager(createKeyManagerFactory(sslConfiguration.getKeyStoreConfiguration(),
					sslConfiguration.getKeyConfiguration()));
		}
	}
	catch (GeneralSecurityException | IOException ex) {
		// Surface store-loading failures as unchecked, keeping the cause.
		throw new IllegalStateException(ex);
	}
}
 
Example #7
Source File: ClientHttpConnectorFactory.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a {@link ClientHttpConnector} from the given {@link ClientOptions} and
 * {@link SslConfiguration}, using Reactor Netty when it is available and Jetty
 * otherwise.
 * @param options must not be {@literal null}
 * @param sslConfiguration must not be {@literal null}
 * @return a new {@link ClientHttpConnector}.
 * @throws IllegalStateException if neither client library is available.
 */
public static ClientHttpConnector create(ClientOptions options, SslConfiguration sslConfiguration) {

	Assert.notNull(options, "ClientOptions must not be null");
	Assert.notNull(sslConfiguration, "SslConfiguration must not be null");

	// Reactor Netty takes precedence when both libraries are present.
	if (REACTOR_NETTY_PRESENT) {
		return ReactorNetty.usingReactorNetty(options, sslConfiguration);
	}
	else if (JETTY_PRESENT) {
		return JettyClient.usingJetty(options, sslConfiguration);
	}
	else {
		throw new IllegalStateException("No supported Reactive Http Client library available (Reactor Netty, Jetty)");
	}
}
 
Example #8
Source File: ClientHttpRequestFactoryFactoryIntegrationTests.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that the HttpComponents-based factory can talk to the server when the
 * trust store is a PEM-encoded CA certificate.
 */
@Test
void httpComponentsClientUsingPemShouldWork() throws Exception {

	// Trust material is the CA certificate from the work directory, declared as PEM.
	FileSystemResource caResource = new FileSystemResource(
			new File(Settings.findWorkDir(), "ca/certs/ca.cert.pem"));
	SslConfiguration.KeyStoreConfiguration pemTrustStore = SslConfiguration.KeyStoreConfiguration
			.of(caResource).withStoreType(SslConfiguration.PEM_KEYSTORE_TYPE);
	SslConfiguration trustOnly = SslConfiguration.forTrustStore(pemTrustStore);

	ClientHttpRequestFactory factory = HttpComponents.usingHttpComponents(new ClientOptions(), trustOnly);
	RestTemplate restTemplate = new RestTemplate(factory);

	String body = request(restTemplate);

	assertThat(factory).isInstanceOf(HttpComponentsClientHttpRequestFactory.class);
	assertThat(body).isNotNull().contains("initialized");

	// Release the underlying client; not reached if an assertion above fails.
	((DisposableBean) factory).destroy();
}
 
Example #9
Source File: VaultInitializer.java    From spring-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a new {@link VaultInitializer} from the given {@link SslConfiguration}
 * and {@link VaultEndpoint}. Both the blocking and the reactive test clients are
 * built from the same SSL configuration.
 * @param sslConfiguration must not be {@literal null}.
 * @param vaultEndpoint must not be {@literal null}.
 */
public VaultInitializer(SslConfiguration sslConfiguration, VaultEndpoint vaultEndpoint) {

	Assert.notNull(sslConfiguration, "SslConfiguration must not be null");
	Assert.notNull(vaultEndpoint, "VaultEndpoint must not be null");

	RestTemplate blockingClient = TestRestTemplateFactory.create(sslConfiguration);
	WebClient reactiveClient = TestWebClientFactory.create(sslConfiguration);

	// NOTE(review): the template targets TEST_VAULT_ENDPOINT rather than the
	// vaultEndpoint argument - confirm this is intended.
	VaultTemplate template = new VaultTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
			blockingClient.getRequestFactory(), new PreparingSessionManager());

	this.token = Settings.token();

	// PrepareVault receives its own RestTemplate, created by a second factory call.
	RestTemplate prepareClient = TestRestTemplateFactory.create(sslConfiguration);
	this.prepareVault = new PrepareVault(reactiveClient, prepareClient, template);
	this.vaultEndpoint = vaultEndpoint;
}
 
Example #10
Source File: VaultRule.java    From spring-cloud-vault with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a new {@link VaultRule} from the given {@link SslConfiguration} and
 * {@link VaultEndpoint}. The request factory built from the SSL configuration
 * backs the {@link VaultTemplate} used to prepare Vault.
 * @param sslConfiguration must not be {@literal null}.
 * @param vaultEndpoint must not be {@literal null}.
 */
public VaultRule(SslConfiguration sslConfiguration, VaultEndpoint vaultEndpoint) {

	Assert.notNull(sslConfiguration, "SslConfiguration must not be null");
	Assert.notNull(vaultEndpoint, "VaultEndpoint must not be null");

	ClientHttpRequestFactory tlsRequestFactory = TestRestTemplateFactory.create(sslConfiguration)
			.getRequestFactory();

	VaultTemplate template = new VaultTemplate(vaultEndpoint, tlsRequestFactory, new PreparingSessionManager());

	this.token = Settings.token();
	this.prepareVault = new PrepareVault(template);
	this.vaultEndpoint = vaultEndpoint;
}
 
Example #11
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 6 votes vote down vote up
/**
 * When both store paths are configured, the resulting {@link SslConfiguration}
 * must report a key store and a trust store as present.
 */
@Test
public void configureSslUsesKeyStoreAndTrustStoreIfBothProvided() throws Exception {
    KeyVaultConfig config = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    // An empty temp file stands in for both stores; this test only checks presence.
    Path storeFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    storeFile.toFile().deleteOnExit();
    String storePath = storeFile.toString();

    when(config.hasProperty("tlsKeyStorePath", "tlsTrustStorePath")).thenReturn(true);

    when(config.getProperty("tlsKeyStorePath")).thenReturn(Optional.of(storePath));
    when(config.getProperty("tlsTrustStorePath")).thenReturn(Optional.of(storePath));

    SslConfiguration ssl = util.configureSsl(config, environment);

    assertThat(ssl.getKeyStoreConfiguration().isPresent()).isTrue();
    assertThat(ssl.getTrustStoreConfiguration().isPresent()).isTrue();
}
 
Example #12
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 6 votes vote down vote up
/**
 * When only the trust-store path is configured, the resulting
 * {@link SslConfiguration} must carry a trust store and no key store.
 */
@Test
public void configureSslUsesTrustStoreOnlyIfProvided() throws Exception {
    KeyVaultConfig config = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    // An empty temp file stands in for the trust store; only presence is checked.
    Path trustStoreFile = Files.createTempFile(UUID.randomUUID().toString(), ".tmp");
    trustStoreFile.toFile().deleteOnExit();

    when(config.hasProperty("tlsTrustStorePath")).thenReturn(true);
    when(config.hasProperty("tlsKeyStorePath")).thenReturn(false);

    when(config.getProperty("tlsKeyStorePath")).thenReturn(Optional.empty());
    when(config.getProperty("tlsTrustStorePath")).thenReturn(Optional.of(trustStoreFile.toString()));

    SslConfiguration ssl = util.configureSsl(config, environment);

    assertThat(ssl.getKeyStoreConfiguration().isPresent()).isFalse();
    assertThat(ssl.getTrustStoreConfiguration().isPresent()).isTrue();
}
 
Example #13
Source File: VaultConfigurationUtil.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link SslConfiguration} from {@link Ssl SSL properties}. A store is
 * configured only when its resource is set; its password is passed on only when
 * it contains text.
 * @param ssl the SSL properties, may be {@literal null}.
 * @return the SSL configuration; unconfigured when {@code ssl} is
 * {@literal null}.
 */
static SslConfiguration createSslConfiguration(Ssl ssl) {

	if (ssl == null) {
		return SslConfiguration.unconfigured();
	}

	KeyStoreConfiguration keyMaterial = KeyStoreConfiguration.unconfigured();
	KeyStoreConfiguration trustMaterial = KeyStoreConfiguration.unconfigured();

	if (ssl.getKeyStore() != null) {
		// A blank password is handled like a missing one.
		keyMaterial = StringUtils.hasText(ssl.getKeyStorePassword())
				? KeyStoreConfiguration.of(ssl.getKeyStore(), ssl.getKeyStorePassword().toCharArray())
				: KeyStoreConfiguration.of(ssl.getKeyStore());
	}

	if (ssl.getTrustStore() != null) {
		trustMaterial = StringUtils.hasText(ssl.getTrustStorePassword())
				? KeyStoreConfiguration.of(ssl.getTrustStore(), ssl.getTrustStorePassword().toCharArray())
				: KeyStoreConfiguration.of(ssl.getTrustStore());
	}

	return new SslConfiguration(keyMaterial, trustMaterial);
}
 
Example #14
Source File: VaultReactiveBootstrapConfiguration.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link ClientHttpConnector} from the timeouts and SSL settings of
 * the given Vault properties. These {@link ClientOptions} and this
 * {@link SslConfiguration} are not necessarily applicable for the whole
 * application.
 * @param vaultProperties the Vault properties.
 * @return the {@link ClientHttpConnector}.
 */
private static ClientHttpConnector createConnector(VaultProperties vaultProperties) {

	// Both timeouts are read from the properties as milliseconds.
	Duration connectTimeout = Duration.ofMillis(vaultProperties.getConnectionTimeout());
	Duration readTimeout = Duration.ofMillis(vaultProperties.getReadTimeout());
	ClientOptions options = new ClientOptions(connectTimeout, readTimeout);

	SslConfiguration ssl = VaultConfigurationUtil.createSslConfiguration(vaultProperties.getSsl());

	return ClientHttpConnectorFactory.create(options, ssl);
}
 
Example #15
Source File: KubernetesHashicorpVaultClientAuthenticationProvider.java    From knox with Apache License 2.0 5 votes vote down vote up
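/**
 * Builds the REST client used to reach Vault at the address given in the
 * properties.
 *
 * @param properties configuration map; must contain the Vault address under
 *        {@code HashicorpVaultAliasService.VAULT_ADDRESS_KEY}
 * @return REST operations bound to the configured Vault endpoint
 * @throws IllegalArgumentException if the address property is absent
 * @throws Exception if the address is not a valid URI or the client cannot be created
 */
private RestOperations getRestOperations(Map<String, String> properties) throws Exception {
  String vaultAddress = properties.get(HashicorpVaultAliasService.VAULT_ADDRESS_KEY);
  if (vaultAddress == null) {
    // Name the missing property instead of surfacing the bare
    // NullPointerException that new URI(null) would raise.
    throw new IllegalArgumentException(
        "Missing Vault address property: " + HashicorpVaultAliasService.VAULT_ADDRESS_KEY);
  }

  // NOTE(review): the URI scheme is not checked in this method; confirm that an
  // https address is enforced before tokens are sent to this endpoint.
  VaultEndpoint vaultEndpoint = VaultEndpoint.from(new URI(vaultAddress));
  VaultEndpointProvider vaultEndpointProvider = SimpleVaultEndpointProvider.of(vaultEndpoint);
  ClientOptions clientOptions = new ClientOptions();

  // No key store or trust store is supplied, so TLS trust presumably falls back
  // to the HTTP client / JVM defaults - confirm this suits the deployment.
  SslConfiguration sslConfiguration = SslConfiguration.unconfigured();
  ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(
      clientOptions, sslConfiguration);
  return VaultClients.createRestTemplate(vaultEndpointProvider, clientHttpRequestFactory);
}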
 
Example #16
Source File: ClientCertificateAuthenticationIntegrationTestBase.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the SSL configuration for client-certificate authentication tests: the
 * trust store of the default test configuration combined with the
 * {@code client-cert.jks} key store from the work directory.
 * @param keyConfiguration key settings passed through to the configuration.
 * @return the combined {@link SslConfiguration}.
 */
static SslConfiguration prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration keyConfiguration) {

	SslConfiguration defaults = createSslConfiguration();

	// "changeit" is the password of the test key store; fixture value only.
	FileSystemResource clientKeyStore = new FileSystemResource(new File(findWorkDir(), "client-cert.jks"));
	KeyStoreConfiguration clientCertificate = KeyStoreConfiguration.of(clientKeyStore, "changeit".toCharArray());

	return new SslConfiguration(clientCertificate, keyConfiguration, defaults.getTrustStoreConfiguration());
}
 
Example #17
Source File: ClientCertificateAuthenticationOperatorIntegrationTests.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Logging in with the key selected by {@code "1"} must yield exactly one token.
 */
@Test
void shouldSelectKey() {

	// Second argument is presumably the key alias inside the client key store - confirm.
	SslConfiguration.KeyConfiguration keySelection = SslConfiguration.KeyConfiguration
			.of("changeit".toCharArray(), "1");
	SslConfiguration clientCertSsl = prepareCertAuthenticationMethod(keySelection);
	WebClient webClient = TestWebClientFactory.create(clientCertSsl);

	AuthenticationStepsOperator operator = new AuthenticationStepsOperator(
			ClientCertificateAuthentication.createAuthenticationSteps(), webClient);

	operator.getVaultToken().as(StepVerifier::create).expectNextCount(1).verifyComplete();
}
 
Example #18
Source File: VaultBootstrapConfiguration.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a {@link ClientFactoryWrapper} around a {@link ClientHttpRequestFactory}
 * built from the Vault timeouts and SSL settings. The factory is wrapped rather
 * than exposed as a root bean because its {@link ClientOptions} and
 * {@link SslConfiguration} are not necessarily applicable for the whole
 * application.
 * @return the {@link ClientFactoryWrapper} to wrap a {@link ClientHttpRequestFactory}
 * instance.
 */
@Bean
@ConditionalOnMissingBean
public ClientFactoryWrapper clientHttpRequestFactoryWrapper() {

	// Both timeouts are read from the properties as milliseconds.
	Duration connectTimeout = Duration.ofMillis(this.vaultProperties.getConnectionTimeout());
	Duration readTimeout = Duration.ofMillis(this.vaultProperties.getReadTimeout());
	ClientOptions options = new ClientOptions(connectTimeout, readTimeout);

	SslConfiguration ssl = VaultConfigurationUtil.createSslConfiguration(this.vaultProperties.getSsl());

	return new ClientFactoryWrapper(ClientHttpRequestFactoryFactory.create(options, ssl));
}
 
Example #19
Source File: ClientCertificateAuthenticationOperatorIntegrationTests.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Logging in with the key selected by {@code "2"} must fail with a
 * {@link VaultLoginException}.
 */
@Test
void shouldSelectInvalidKey() {

	// Second argument is presumably the key alias inside the client key store - confirm.
	SslConfiguration.KeyConfiguration keySelection = SslConfiguration.KeyConfiguration
			.of("changeit".toCharArray(), "2");
	SslConfiguration clientCertSsl = prepareCertAuthenticationMethod(keySelection);
	WebClient webClient = TestWebClientFactory.create(clientCertSsl);

	AuthenticationStepsOperator operator = new AuthenticationStepsOperator(
			ClientCertificateAuthentication.createAuthenticationSteps(), webClient);

	operator.getVaultToken().as(StepVerifier::create).verifyError(VaultLoginException.class);
}
 
Example #20
Source File: TestRestTemplateFactory.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Populates {@code factoryCache} with a {@link ClientHttpRequestFactory} built
 * from the given {@link SslConfiguration}, unless the cache already holds one.
 * @param sslConfiguration SSL settings for the factory to create.
 * @throws Exception if creating or initializing the factory fails.
 */
private static void initializeClientHttpRequestFactory(
		SslConfiguration sslConfiguration) throws Exception {

	// Already cached: later calls ignore their sslConfiguration argument.
	if (factoryCache.get() != null) {
		return;
	}

	final ClientHttpRequestFactory created = ClientHttpRequestFactoryFactory
			.create(new ClientOptions(), sslConfiguration);

	// Only the caller that publishes its factory initializes it and registers
	// the shutdown hook.
	// NOTE(review): a factory that loses this race is dropped without destroy().
	if (!factoryCache.compareAndSet(null, created)) {
		return;
	}

	if (created instanceof InitializingBean) {
		((InitializingBean) created).afterPropertiesSet();
	}

	if (!(created instanceof DisposableBean)) {
		return;
	}

	Runtime.getRuntime().addShutdownHook(
			new Thread("ClientHttpRequestFactory Shutdown Hook") {

				@Override
				public void run() {
					try {
						((DisposableBean) created).destroy();
					}
					catch (Exception ex) {
						// Best effort during JVM shutdown: report and carry on.
						ex.printStackTrace();
					}
				}
			});
}
 
Example #21
Source File: TestRestTemplateFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Populates {@code factoryCache} with a {@link ClientHttpRequestFactory} built
 * from the given {@link SslConfiguration}, unless the cache already holds one.
 * @param sslConfiguration SSL settings for the factory to create.
 * @throws Exception if creating or initializing the factory fails.
 */
private static void initializeClientHttpRequestFactory(SslConfiguration sslConfiguration) throws Exception {

	// Already cached: later calls ignore their sslConfiguration argument.
	if (factoryCache.get() != null) {
		return;
	}

	final ClientHttpRequestFactory candidate = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
			sslConfiguration);

	// Only the caller that publishes its factory initializes it and registers
	// the shutdown hook.
	// NOTE(review): a factory that loses this race is dropped without destroy().
	boolean published = factoryCache.compareAndSet(null, candidate);
	if (!published) {
		return;
	}

	if (candidate instanceof InitializingBean) {
		((InitializingBean) candidate).afterPropertiesSet();
	}

	if (candidate instanceof DisposableBean) {

		Runtime.getRuntime().addShutdownHook(new Thread("ClientHttpRequestFactory Shutdown Hook") {

			@Override
			public void run() {
				try {
					((DisposableBean) candidate).destroy();
				}
				catch (Exception ex) {
					// Best effort during JVM shutdown: report and carry on.
					ex.printStackTrace();
				}
			}
		});
	}
}
 
Example #22
Source File: TestRestTemplateFactory.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a new {@link RestTemplate} using the {@link SslConfiguration}. The
 * underlying {@link ClientHttpRequestFactory} is cached, so the SSL settings of
 * the first call stay in effect for later calls. See
 * {@link #create(ClientHttpRequestFactory)} to create a {@link RestTemplate} for
 * a given {@link ClientHttpRequestFactory}.
 * @param sslConfiguration must not be {@literal null}.
 * @return a {@link RestTemplate} backed by the cached request factory.
 * @throws IllegalStateException wrapping any failure during initialization or
 * creation.
 */
public static RestTemplate create(SslConfiguration sslConfiguration) {

	Assert.notNull(sslConfiguration, "SslConfiguration must not be null!");

	try {
		// No-op when a factory is already cached.
		initializeClientHttpRequestFactory(sslConfiguration);
		return create(factoryCache.get());
	}
	catch (Exception cause) {
		throw new IllegalStateException(cause);
	}
}
 
Example #23
Source File: SpringVaultClientConfigurationTests.java    From spring-cloud-config with Apache License 2.0 5 votes vote down vote up
/**
 * With default properties, both the key store and the trust store must equal
 * the unconfigured {@link KeyStoreConfiguration}.
 */
@Test
public void defaultSslConfiguration() {
	VaultEnvironmentProperties defaults = new VaultEnvironmentProperties();

	SpringVaultClientConfiguration clientConfiguration = getConfiguration(defaults);
	SslConfiguration ssl = clientConfiguration.sslConfiguration();

	KeyStoreConfiguration actualKeyStore = ssl.getKeyStoreConfiguration();
	assertThat(actualKeyStore).isEqualTo(KeyStoreConfiguration.unconfigured());

	KeyStoreConfiguration actualTrustStore = ssl.getTrustStoreConfiguration();
	assertThat(actualTrustStore).isEqualTo(KeyStoreConfiguration.unconfigured());
}
 
Example #24
Source File: Settings.java    From spring-cloud-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the SSL configuration used by the tests: a trust store loaded from
 * {@code keystore.jks} in the work directory.
 * @return the trust-store-only {@link SslConfiguration}.
 */
public static SslConfiguration createSslConfiguration() {

	// "changeit" is the password of the test key store; fixture value only.
	FileSystemResource trustStore = new FileSystemResource(new File(findWorkDir(), "keystore.jks"));

	return SslConfiguration.forTrustStore(trustStore, "changeit".toCharArray());
}
 
Example #25
Source File: TestWebClientFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a new {@link WebClient} for {@code TEST_VAULT_ENDPOINT} using the
 * {@link SslConfiguration}. See
 * {@link ReactiveVaultClients#createWebClient(VaultEndpoint, ClientHttpConnector)} to
 * create a {@link WebClient} for a given {@link ClientHttpConnector}.
 * @param sslConfiguration must not be {@literal null}.
 * @return a {@link WebClient} bound to the test Vault endpoint.
 * @throws IllegalStateException wrapping any failure while creating the
 * connector or the client.
 */
public static WebClient create(SslConfiguration sslConfiguration) {

	Assert.notNull(sslConfiguration, "SslConfiguration must not be null!");

	try {
		// Default client options; only the SSL settings vary between callers.
		ClientHttpConnector tlsConnector = ClientHttpConnectorFactory.create(new ClientOptions(),
				sslConfiguration);
		return ReactiveVaultClients.createWebClient(TEST_VAULT_ENDPOINT, tlsConnector);
	}
	catch (Exception cause) {
		throw new IllegalStateException(cause);
	}
}
 
Example #26
Source File: Settings.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the SSL configuration used by the tests: a trust store loaded from
 * {@code keystore.jks} in the work directory.
 * @return the trust-store-only {@link SslConfiguration}.
 */
public static SslConfiguration createSslConfiguration() {

	// "changeit" is the password of the test key store; fixture value only.
	FileSystemResource trustStore = new FileSystemResource(new File(findWorkDir(), "keystore.jks"));

	return SslConfiguration.forTrustStore(trustStore, "changeit".toCharArray());
}
 
Example #27
Source File: TestRestTemplateFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a new {@link RestTemplate} using the {@link SslConfiguration}. The
 * underlying {@link ClientHttpRequestFactory} is cached, so the SSL settings of
 * the first call stay in effect for later calls. See
 * {@link #create(ClientHttpRequestFactory)} to create a {@link RestTemplate} for
 * a given {@link ClientHttpRequestFactory}.
 * @param sslConfiguration must not be {@literal null}.
 * @return a {@link RestTemplate} backed by the cached request factory.
 * @throws IllegalStateException wrapping any failure during initialization or
 * creation.
 */
public static RestTemplate create(SslConfiguration sslConfiguration) {

	Assert.notNull(sslConfiguration, "SslConfiguration must not be null!");

	try {
		// No-op when a factory is already cached.
		initializeClientHttpRequestFactory(sslConfiguration);
		return create(factoryCache.get());
	}
	catch (Exception cause) {
		throw new IllegalStateException(cause);
	}
}
 
Example #28
Source File: ClientHttpRequestFactoryFactory.java    From spring-vault with Apache License 2.0 5 votes vote down vote up
/**
 * Creates an Apache HttpComponents based {@link ClientHttpRequestFactory}.
 * @param options supplies the connection and read timeouts.
 * @param sslConfiguration key/trust material; applied only when
 * {@code hasSslConfiguration} reports it as configured.
 * @return the request factory wrapping the built client.
 * @throws GeneralSecurityException if the SSL context cannot be created.
 * @throws IOException if key or trust material cannot be read.
 */
static ClientHttpRequestFactory usingHttpComponents(ClientOptions options, SslConfiguration sslConfiguration)
		throws GeneralSecurityException, IOException {

	HttpClientBuilder builder = HttpClients.custom();

	// Route through whatever proxy the JVM-wide ProxySelector selects.
	builder.setRoutePlanner(
			new SystemDefaultRoutePlanner(DefaultSchemePortResolver.INSTANCE, ProxySelector.getDefault()));

	if (hasSslConfiguration(sslConfiguration)) {

		// No hostname verifier is passed, so verification stays at the library default.
		SSLContext context = getSSLContext(sslConfiguration, getTrustManagers(sslConfiguration));
		SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(context);
		builder.setSSLSocketFactory(socketFactory);
		builder.setSSLContext(context);
	}

	// toIntExact throws instead of silently truncating an oversized timeout.
	int connectTimeoutMillis = Math.toIntExact(options.getConnectionTimeout().toMillis());
	int readTimeoutMillis = Math.toIntExact(options.getReadTimeout().toMillis());

	RequestConfig defaults = RequestConfig.custom()
			.setConnectTimeout(connectTimeoutMillis)
			.setSocketTimeout(readTimeoutMillis)
			.setAuthenticationEnabled(true)
			.build();

	builder.setDefaultRequestConfig(defaults);

	// Support redirects. The lax strategy also follows them for POST and DELETE.
	// NOTE(review): confirm request headers are only ever redirected to trusted hosts.
	builder.setRedirectStrategy(new LaxRedirectStrategy());

	return new HttpComponentsClientHttpRequestFactory(builder.build());
}
 
Example #29
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 5 votes vote down vote up
/**
 * When neither store path is configured, the resulting
 * {@link SslConfiguration} must carry no key store and no trust store.
 */
@Test
public void configureSslUsesNoKeyStoresIfNoneProvided() {
    KeyVaultConfig config = mock(KeyVaultConfig.class);
    EnvironmentVariableProvider environment = mock(EnvironmentVariableProvider.class);

    when(config.getProperty("tlsKeyStorePath")).thenReturn(Optional.empty());
    when(config.getProperty("tlsTrustStorePath")).thenReturn(Optional.empty());

    SslConfiguration ssl = util.configureSsl(config, environment);

    // With no store configured on either side, nothing custom is applied.
    assertThat(ssl.getKeyStoreConfiguration().isPresent()).isFalse();
    assertThat(ssl.getTrustStoreConfiguration().isPresent()).isFalse();
}
 
Example #30
Source File: HashicorpKeyVaultServiceFactoryUtilTest.java    From tessera with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that the utility produces an OkHttp3-backed request factory from
 * mocked client options and SSL configuration.
 */
@Test
public void createClientHttpRequestFactory() {
    ClientOptions options = mock(ClientOptions.class);
    SslConfiguration ssl = mock(SslConfiguration.class);

    // One mocked store configuration is returned for both key and trust store.
    SslConfiguration.KeyStoreConfiguration storeConfiguration = mock(SslConfiguration.KeyStoreConfiguration.class);
    when(ssl.getKeyStoreConfiguration()).thenReturn(storeConfiguration);
    when(ssl.getTrustStoreConfiguration()).thenReturn(storeConfiguration);

    when(options.getConnectionTimeout()).thenReturn(Duration.ZERO);
    when(options.getReadTimeout()).thenReturn(Duration.ZERO);

    ClientHttpRequestFactory requestFactory = util.createClientHttpRequestFactory(options, ssl);

    assertThat(requestFactory).isInstanceOf(OkHttp3ClientHttpRequestFactory.class);
}